<?php
namespace app\service;
class AlipayDecrypt
{
    const PRIKEYPATH = '/www/wwwroot/www.alizaozao.com/public/rsa/hzymt/prikey.txt';//私钥路径
    const PUBKEYPATH = '/www/wwwroot/www.alizaozao.com/public/rsa/hzymt/alipay_pubkey.txt';//支付宝公钥路径
    private $appId;
    private $alipayPublicKey;
    private $privateKey;

    public function __construct()
    {
        $this->appId = "2019061665593126";
        $this->alipayPublicKey = file_get_contents(self::PUBKEYPATH);
        $this->privateKey = file_get_contents(self::PRIKEYPATH);
    }

    function decryptPhoneNumber2($encryptedData) {
        // 处理私钥格式
        $privateKey = "-----BEGIN RSA PRIVATE KEY-----\n" .
            wordwrap($this->privateKey, 64, "\n", true) .
            "\n-----END RSA PRIVATE KEY-----";

        // 加载私钥
        $privateKeyResource = openssl_pkey_get_private($privateKey);
        if (!$privateKeyResource) {
            return ['error' => '私钥加载失败：' . openssl_error_string()];
        }

        // Base64解码
        $decodedData = base64_decode($encryptedData);
        if ($decodedData === false) {
            return ['error' => 'Base64解码失败'];
        }

        // 解密数据
        $decryptedData = '';
        $success = openssl_private_decrypt(
            $decodedData,
            $decryptedData,
            $privateKeyResource,
            OPENSSL_PKCS1_PADDING
        );

        if (!$success) {
            return ['error' => '解密失败：' . openssl_error_string()];
        }

        // 解析JSON
        $phoneInfo = json_decode($decryptedData, true);
        if (json_last_error() !== JSON_ERROR_NONE) {
            return ['error' => 'JSON解析失败：' . json_last_error_msg()];
        }

        // 释放资源
        openssl_free_key($privateKeyResource);

        return $phoneInfo;
    }
    public function decryptPhoneNumber($encryptedData, $iv)
    {
        // 验签
        $signContent = base64_decode($encryptedData);
        $sign = base64_decode($iv); // 假设iv中包含了sign信息
        $rsaPublicKey = openssl_pkey_get_public($this->alipayPublicKey);
        $result = openssl_verify($signContent, $sign, $rsaPublicKey, OPENSSL_ALGO_SHA256);
        if ($result !== 1) {
            throw new Exception("验签失败");
        }

        // 解密
        $aesKey = base64_decode($this->privateKey); // 假设私钥用于AES解密
        $decryptedData = openssl_decrypt($signContent, "AES-128-CBC", $aesKey, OPENSSL_RAW_DATA, $iv);

        // 去除PKCS#7填充
        $decryptedData = $this->stripPKCS7Padding($decryptedData);

        // 解析JSON数据
        $data = json_decode($decryptedData, true);
        if (json_last_error() !== JSON_ERROR_NONE) {
            throw new Exception("解析JSON数据失败");
        }

        return $data;
    }

    private function stripPKCS7Padding($data)
    {
        $length = strlen($data);
        $padding = ord($data[$length - 1]);
        if ($padding > $length) {
            return false;
        }
        if (strspn($data, chr($padding), $length - $padding) !== $padding) {
            return false;
        }
        return substr($data, 0, -$padding);
    }
}
